Detection and Analysis of Security Vulnerabilities in Java

There are several tools that use techniques like static analysis, lexical analysis etc to detect the vulnerabilities in Java based programs. However still there are vulnerabilities which are not traceable by the available tools. The objective of this paper is twofold. We develop a method to detect vulnerabilities in Java programs. Further we analyze the dependencies among the vulnerabilities using mathematical lattice theory based formal concept analysis. Our experimental result show that the proposed model is able to detect the untraceable vulnerabilities and the dependency analysis is in good agreement with the literature.

Parallel keywords

Formal Concept Analysis ； Java Programs ； Static Analysis ； Vulnerability Detection

References

Aswani Kumar, Ch.(2011).Knowledge discovery in data using formal concept analysis and random projections.International Journal of Applied Mathematics and Computer Science.21(4),745-756.

Google Scholar

Aswani Kumar, Ch.(2011).Mining association rules using non-negative matrix factorization and formal concept analysis.Communications in Computer and Information Science.157,31-39.

Google Scholar

Aswani Kumar, Ch.(2012).Modeling access permissions in role based access control using formal concept analysis.Wireless Networks and Computational Intelligence.(Wireless Networks and Computational Intelligence).:

Google Scholar

Aswani Kumar, Ch.(2012).Fuzzy clustering based formal concept analysis for association rules mining.Applied Artificial Intelligence.26(3),274-301.

Google Scholar

Aswani Kumar, Ch.(2013).Designing role based access control using formal concept analysis.Security and Communication Networks.6(3),373-383.

Google Scholar

Cited by

Shih, J. F. (2011). 一套整合的網路應用安全分析與驗證工具 [master's thesis, National Taiwan University]. airiti Library. https://doi.org/10.6342/NTU.2011.01077

Read-around

Bian, G., Nakayama, K., Kobayashi, Y., & Maekawa, M. (2007). Java Bytecode Dependence Analysis for Secure Information Flow. International Journal of Network Security, 4(1), 59-68. https://doi.org/10.6633/IJNS.200701.4(1).07
Park, J. G., & Park, M. S. (2002). Specializing Java Programs in a Distributed Environment. Journal of Information Science and Engineering, 18(5), 787-801. https://doi.org/10.6688/JISE.2002.18.5.4
Chen, J. W. (2021). Build Open Source Java projects with Auto-Classifying-Fixing approach [master's thesis, National Taiwan University]. airiti Library. https://doi.org/10.6342/NTU202102455
Huang, Y. W. (2012). Dynamic and Static Methods for Identifying Web Application Vulnerabilities [doctoral dissertation, National Taiwan University]. airiti Library. https://doi.org/10.6342/NTU.2012.10063
Tsai, Y. S. (2009). A Study of Methods and Tools for Analyzing Security Vulnerabilities in Web Applications [master's thesis, National Taiwan University]. airiti Library. https://doi.org/10.6342/NTU.2009.03309

Altmetrics

Detection and Analysis of Security Vulnerabilities in Java

Download

This website uses cookies.

In order to continuously optimize website functionality and user experience, this website uses cookies analysis technology for website operation, analysis, and personalized services.

If you continue to browse this website, it means you agree to the use of cookies on this website.

Privacy Statement